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WHAT IS CLAIMED IS: 



L A method of processing a client request for a document from a server in a data processing 
network, comprising: 

5 

determining whether the requested document is context restricted; 

responsive to determining that the requested document is context restricted, determining 
whether the client has access authority to the requested document; and 

10 

responsive to determining that the client lacks access authority, responding to the client 
request by returning a version of the requested document that differs from a version 
H returned to a client having access authority. 

Nil 5 2. The method of claim 1, wherein determining whether the client has access authority includes 
y~l determining whether the client has direct access authority. 

s 3. The method of claim 2, wherein the client request comprises an HTTP formatted request and 
jh further wherein determining whether the client has direct access authority includes comparing 
^ 20 state information contained in the request to a predetermined value. 

4. The method of claim 3, wherein the state information required to acquire direct access 
authority is sent to the client when the client views a document or set of documents that provide 
the required context for the requested document. 

25 

5. The method of claim 1, wherein determining whether the client has access authority includes 
determining whether the client has indirect access authority. 

6. The method of claim 5, wherein the client request comprises an HTTP formatted request and 
30 further wherein determining whether the client has indirect access authority includes determining 

whether the client has been referred to the requested document by a third party server. 
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7. The method of claim 6, wherein determining whether the client has been referred by a third 
party server comprises determining whether the value of a request header field in the client 
request matches at least one entry in a table of authorized referrers. 

5 

8. The method of claim 7, wherein the request header field comprises a referrer header field of an 
HTTP request and wherein the table of authorized referrers is stored permanent storage to which 
the server has access. 

10 9. The method of claim 1, wherein returning a version of the requested document that differs 
includes retrieving the requested document and running an application to insert a visibly 
detectable notice indicating that the requested document is being viewed out of context. 

10. A computer program product comprising a sequence of instructions for processing a client 
15 request for a document from a server in a data processing network, the sequence being encoded 

on a computer readable medium, comprising: 

computer code means for determining whether the requested document is context 
restricted; 

20 

computer code means for determining whether the client has access authority to the 
requested document responsive to determining that the requested document is context 
restricted; and 

25 computer code means for responding to the client request by returning a version of the 

requested document responsive to determining that the client lacks access authority, 
wherein the version differs from a version returned to a client having access authority. 

1 1 . The computer program product of claim 10, wherein the code means for determining whether 
30 the client has access authority includes code means for determining whether the client has direct 

access authority. 
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12. The computer program product of claim 11, wherein the client request comprises an HTTP 
formatted request and further wherein the code means for determining whether the client has 
direct access authority includes code means for comparing state information contained in the 

5 request to a predetermined value. 

13. The computer program product of claim 12, wherein the state information required to acquire 
direct access authority is sent to the client when the client views a document or set of documents 
that provide the required context for the requested document. 

10 

14. The computer program product of claim 10, wherein the code means for determining whether 
the client has access authority includes code means for determining whether the client has 
indirect access authority. 

15 15. The computer program product of claim 14, wherein the client request comprises an HTTP 
formatted request and further wherein the code means for determining whether the client has 
indirect access authority includes code means for determining whether the client has been 
referred to the requested document by a third party server. 

20 16. The computer program product of claim 15, wherein the code means for determining whether 
the client has been referred by a third party server comprises code means for determining 
whether the value of a request header field in the client request matches at least one entry in a 
table of authorized referrers. 

25 17. The computer program product of claim 16, wherein the request header field comprises a 
referrer header field of an HTTP request and wherein the table of authorized referrers is stored in 
permanent storage to which the server has access. 

18. The computer program product of claim 10, wherein the code means for returning a version 
30 of the requested document that differs includes code means for retrieving the requested 
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document and code means for running an application to insert a visibly detectable notice 
indicating that the requested document is being viewed out of context. 

19. A server for use in a data processing network, the server including processor and memory 
5 containing a sequence of instructions for processing a client request for a document from a server 

in a data processing network, the sequence being encoded on a computer readable medium, the 
instructions comprising: 

computer code means for determining whether the requested document is context 
10 restricted; 

computer code means for determining whether the client has access authority to the 
requested document responsive to determining that the requested document is context 
restricted; and 

15 

computer code means for responding to the client request by returning a modified version 
of the requested document responsive to determining that the client lacks access 
authority, wherein the version differs from the requested document returned to a client 
having access authority. 

20 

20. The server of claim 19, wherein the code means for determining whether the client has access 
authority includes code means for determining whether the client has direct access authority. 

21. The server of claim 20, wherein the client request comprises an HTTP formatted request and 
25 further wherein the code means for determining whether the client has direct access authority 

includes code means for comparing state information contained in the request to a predetermined 
value. 



30 



22. The server of claim 21, wherein the state information required to acquire direct access 
authority is sent to the client when the client views a document or set of documents that provide 
the required context for the requested document. 
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23. The server of claim 19, wherein the code means for determining whether the client has access 
authority includes code means for determining whether the client has indirect access authority. 

5 24. The server of claim 23, wherein the client request comprises an HTTP formatted request and 
further wherein the code means for determining whether the client has indirect access authority 
includes code means for determining whether the client has been referred to the requested 
document by a third party server. 

10 25. The server of claim 24, wherein the code means for determining whether the client has been 
referred by a third party server comprises code means for determining whether the value of a 
request header field in the client request matches at least one entry in a table of authorized 
referrers, 

15 26. The server of claim 25, wherein the request header field comprises a referrer header field of 
an HTTP request and wherein the table of authorized referrers is stored in permanent storage to 
which the server has access. 

27. The server of claim 19, wherein the code means for returning a modified version of the 
20 requested document includes code means for retrieving the requested document and code means 
for running an application to insert a visibly detectable notice indicating that the requested 
document is being viewed out of context. 



